User interface applications

User input

The Symbian OS user interface is responsible for interacting with the user. However, it is possible for the user to unintentionally enter incorrect data that can interfere with the normal way the application works. Thus, the cardinal rule is that all input must be checked and validated before processing. The following figure shows an example of input processing phases.

Figure 21: Examples of input processing

A one-time check may not be enough because the content of data can change during processing, so it is advisable to quickly check the data every time it is used.

TrustedUI

Platform security's TrustedUI feature (not supported in the S60 platform) ensures that any confidential information entered in the user interface is not visible to or modifiable by a third party. The feature can be divided into two areas, trusted input and trusted output.

Trusted input guarantees that key and pointer events end up with the correct application and that third-party applications are not able to generate events on behalf of the user. Technical implementation for trusted input is the SwEvent capability, which allows generation of key and pointer events. The SwEvent capability is usually granted only to front-end processors (FEP).

Trusted output is used to inform the user about a genuine user interface (for example, password dialog). It is a combination of the ability to create trusted dialogs and ways to express that trust to the user. Either hardware or software indicators can be used in signaling the trust. Trusted dialogs can be created only by an application that has the TrustedUI capability. The application can then be sure that no other application can overlap its dialogs, except another application that has the TrustedUI capability. Trusted output is not implemented in the S60 platform.